Story:

We have had confugured server and it was working right.
But unfortunatelly we should rename groups:

JazzAdmins -> SG jazzz-server01 JazzAdmins
JazzDWAdmins -> SG jazzz-server01 JazzDWAdmins
JazzGuest -> SG jazzz-server01 JazzGuest
JazzUsers -> SG jazzz-server01 JazzUsers
JazzProjectAdmins -> SG jazzz-server01 JazzProjectAdmins

We tried following:

com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=SG jazz-server01 JazzUsers,...

com.ibm.team.repository.ldap.groupMapping=JazzAdmins\="SG jazz-server01 JazzAdmins", JazzUsers\="SG jazz-server01 JazzUsers",...

com.ibm.team.repository.ldap.groupMapping=JazzAdmins\='SG jazz-server01 JazzAdmins', JazzUsers\='SG jazz-server01 JazzUsers',...

But nothing works :-(
Any suggestions?

TYIA

DC

Yes, thats correct.

Did you encounter any problems after configuring the LDAP groups ? You can use https://serverName:9443/jazz/setup to configure your LDAP server. You can test the configuration using "Test connection" button in the ldap setup page. This will query the groups in LDAP and test your configuration.

--- Balaji
Jazz Server Team

Hello,

according to company policies we have to have LDAP groups with spaces in names

e.g.
cn=SG jazz-server01 JazzAdmins

how we should set group mapping parameter?

e.g.
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=...

thank you in advance

David Csikkel

Easily said,
we had properly running server with LDAP login (default name of groups).
When we had to install another server we needed another jazz groups on LDAP.
We decide to rename current groups and create new ones

renamed:
JazzAdmins -> SG jazz-server01 JazzAdmins
JazzDWAdmins -> SG jazz-server01 JazzDWAdmins
JazzGuest -> SG jazz-server01 JazzGuest
JazzUsers -> SG jazz-server01 JazzUsers
JazzProjectAdmins -> SG jazz-server01 JazzProjectAdmins
created:
SG jazz-server02 JazzAdmins
SG jazz-server02 JazzDWAdmins
SG jazz-server02 JazzGuest
SG jazz-server02 JazzUsers
SG jazz-server02 JazzProjectAdmins

and problems appeared
so we changed users from LDAP to TOMCAT

we assumed that problem was connected with spaces in names
we have started to elaborate with the ' and " and at last we tried to rename groups

SG jazz-server02 JazzAdmins -> SG_jazz-server02_JazzAdmins
SG jazz-server02 JazzDWAdmins -> SG_jazz-server02_JazzDWAdmins
...

when we logged to Jazz via TOMCAT and changed it to LDAP wia web interface
we was able to import new users from LDAP it meant connection into LDAP was correct.
Although we changed contect.xml and server.xml as well (we reused existing from previous properly running jazz instance)

('<' and '>' are replaced by '*')
context.xml:
*Context*
*WatchedResource*WEB-INF/web.xml*/WatchedResource*
*Realm
className = "org.apache.catalina.realm.JNDIRealm"
debug = "99"
connectionURL = "ldap://ldap.tieto.com:389"
connectionName = "xxx"
connectionPassword = "xxx"
referrals = "follow"
userBase = "ou=tead, dc=eu, dc=tieto, dc=com"
userSearch = "(sAMAccountName={0})"
userSubtree = "true"
roleBase = "OU=Security groups,OU=Groups,OU=Czech Republic,ou=tead,dc=eu,dc=tieto,dc=com"
roleSubtree = "true"
roleSearch = "(member={0})"
roleName = "cn"
/*
*/Context*

server.xml:
...
*!--
*Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"
digest="SHA-1"
digestEncoding="UTF-8"/*
--*
...

the login was not possible.

Is there some limitation for the length of group names or for usage of "-" in name?


BR

David Csikkel
Consultant, Tieto

Definitely the ones with double and single quotes would not work.

Can you elaborate "it didn't work".

Note: The information provided in the Jazz setup wizard is only used by nightly sync task and viewing the groups of the user.

The ldap group mapping must be configured correctly in tomcat server.xml / web.xml to setup the authentication / authorization via the web container.

Please elaborate on what's not working..

--- Balaji

Story:

We have had confugured server and it was working right.
But unfortunatelly we should rename groups:

JazzAdmins -> SG jazzz-server01 JazzAdmins
JazzDWAdmins -> SG jazzz-server01 JazzDWAdmins
JazzGuest -> SG jazzz-server01 JazzGuest
JazzUsers -> SG jazzz-server01 JazzUsers
JazzProjectAdmins -> SG jazzz-server01 JazzProjectAdmins

We tried following:

com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=SG jazz-server01 JazzUsers,...

com.ibm.team.repository.ldap.groupMapping=JazzAdmins\="SG jazz-server01 JazzAdmins", JazzUsers\="SG jazz-server01 JazzUsers",...

com.ibm.team.repository.ldap.groupMapping=JazzAdmins\='SG jazz-server01 JazzAdmins', JazzUsers\='SG jazz-server01 JazzUsers',...

But nothing works :-(
Any suggestions?

TYIA

DC

Yes, thats correct.

Did you encounter any problems after configuring the LDAP groups ? You can use https://serverName:9443/jazz/setup to configure your LDAP server. You can test the configuration using "Test connection" button in the ldap setup page. This will query the groups in LDAP and test your configuration.

--- Balaji
Jazz Server Team

Hello,

according to company policies we have to have LDAP groups with spaces in names

e.g.
cn=SG jazz-server01 JazzAdmins

how we should set group mapping parameter?

e.g.
com.ibm.team.repository.ldap.groupMapping=JazzAdmins\=SG jazz-server01 JazzAdmins, JazzUsers\=...

thank you in advance

David Csikkel

[quote][/quote]

Hi all,

problem is solved :-)

We had bad assumption that group mapping is done only by Jazz configuration (teamserver.properties).
In the moment when we have changed web.xml everything started to work.

Guideline:
http://publib.boulder.ibm.com/infocenter/ieduasst/rtnv1r0/index.jsp?topic=/com.ibm.iea.rtc/rtc/1.0/Usability/JazzRTCLDAPConfiguration/player.html

David Csikkel
Consultant, Tieto